Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Registry Startup Check' = '<SYSTEM32>\checkreg.exe'
- %TEMP%\~3.tmp
- <SYSTEM32>\iisload.dll
- <SYSTEM32>\s32l.txt
- %TEMP%\~4.tmp
- %TEMP%\~2.tmp
- %TEMP%\~1.tmp
- <SYSTEM32>\checkreg.exe
- <SYSTEM32>\wsl1859.dll
- <SYSTEM32>\ws386l.ini
- %TEMP%\~1.tmp в <SYSTEM32>\ws386l.ini
- <SYSTEM32>\ws386l.ini
- ClassName: 'Shell_TrayWnd' WindowName: ''